bilety.helios.pl Open in urlscan Pro
80.252.5.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bilety.helios.pl/
Effective URL:
https://bilety.helios.pl/
Submission: On October 23 via api (October 23rd 2023, 6:54:51 pm UTC) from US — Scanned from PL

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 83 HTTP transactions. The main IP is 80.252.5.36, located in Warsaw, Poland and belongs to AGORA, PL. The main domain is bilety.helios.pl.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on April 11th 2023. Valid for: a year.

This is the only time bilety.helios.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	80.252.5.36 80.252.5.36	8535 (AGORA) (AGORA)
3	23.37.41.69 23.37.41.69	16625 (AKAMAI-AS) (AKAMAI-AS)
4	74.125.133.92 74.125.133.92	15169 (GOOGLE) (GOOGLE)
2	142.250.186.141 142.250.186.141	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	23.206.19.66 23.206.19.66	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
12	104.18.130.236 104.18.130.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
14	80.252.5.30 80.252.5.30	8535 (AGORA) (AGORA)
2	104.18.32.193 104.18.32.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
83	17

26 80.252.5.36 (Warsaw, Poland) 1 redirects

ASN8535 (AGORA, PL)
PTR: host-80-252-5-36.gazeta.pl

bilety.helios.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
restapi.helios.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.41.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-41-69.deploy.static.akamaitechnologies.com

secure.payu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.133.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.141 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.19.66 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-19-66.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.130.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 80.252.5.30 (Warsaw, Poland)

ASN8535 (AGORA, PL)
PTR: host-80-252-5-30.gazeta.pl

movies.helios.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.32.193 (None, )

ASN13335 (CLOUDFLARENET, US)

cookies-data.onetrust.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	helios.pl 1 redirects bilety.helios.pl restapi.helios.pl movies.helios.pl	3 MB
13	google.com pay.google.com — Cisco Umbrella Rank: 3064 accounts.google.com — Cisco Umbrella Rank: 32 region1.analytics.google.com — Cisco Umbrella Rank: 2714 play.google.com — Cisco Umbrella Rank: 37	497 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	224 KB
4	gstatic.com www.gstatic.com	100 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	182 KB
3	payu.com secure.payu.com — Cisco Umbrella Rank: 224307	8 KB
2	onetrust.io cookies-data.onetrust.io — Cisco Umbrella Rank: 12846	85 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	316 B
1	google.pl www.google.pl — Cisco Umbrella Rank: 14935	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	254 B
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3927	19 KB
83	12

	Domain	Requested by
19	bilety.helios.pl	1 redirects bilety.helios.pl
14	movies.helios.pl	bilety.helios.pl
12	cdn.cookielaw.org	bilety.helios.pl cdn.cookielaw.org
7	restapi.helios.pl	bilety.helios.pl
6	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	bilety.helios.pl pay.google.com www.gstatic.com
3	www.googletagmanager.com	bilety.helios.pl www.googletagmanager.com
3	secure.payu.com	bilety.helios.pl secure.payu.com
2	cookies-data.onetrust.io	bilety.helios.pl
2	connect.facebook.net	bilety.helios.pl connect.facebook.net
2	accounts.google.com	bilety.helios.pl accounts.google.com
1	geolocation.onetrust.com	bilety.helios.pl
1	www.google.pl	bilety.helios.pl
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	appleid.cdn-apple.com	bilety.helios.pl
83	17

This site contains links to these domains. Also see Links.

Domain
www.helios.pl
tcf.cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.helios.pl GeoTrust TLS RSA CA G1	`2023-04-11` - `2024-04-10`	a year	crt.sh
secure.payu.com Entrust Certification Authority - L1M	`2023-09-28` - `2024-10-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-02` - `2023-10-31`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
onetrust.io Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://bilety.helios.pl/
Frame ID: 28F18333E6C70D951B8F941B79A7EF15
Requests: 67 HTTP requests in this frame

Frame: https://secure.payu.com/res/v2/tunnel.html
Frame ID: EA19AC99BB9B3D4E3F1AB50824BEB803
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Frame ID: A5DE16B961F8345B53B38A1BCBF771E5
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=
Frame ID: 3E7B854FE8652F298387BD7C6526B507
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HeliosBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://bilety.helios.pl/ HTTP 301
https://bilety.helios.pl/ Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

83
Requests

99 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

3976 kB
Transfer

8956 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helios.pl/polityka_prywatnosci_www/
Title: Polityka prywatności

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=pl
Title: | Wyświetl pełny tekst prawny Otwiera się w nowym oknie

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bilety.helios.pl/ HTTP 301
https://bilety.helios.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
bilety.helios.pl/
Redirect Chain

http://bilety.helios.pl/
https://bilety.helios.pl/

5 KB
2 KB

101ms
29ms

Document
text/html

80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 8d5a7c12af095e7b5c66b2bddd722d3f69178d2cd846bc8d50c004fe404c5c74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 23 Oct 2023 18:54:44 GMT
ETag: W/"047b0bdacefd91:0"
Last-Modified: Mon, 25 Sep 2023 12:35:18 GMT
Server: nginx/1.21.1.1 WhiteHorse
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 182
Content-Type: text/html
Date: Mon, 23 Oct 2023 18:54:44 GMT
Location: https://bilety.helios.pl/
Server: nginx/1.21.1.1 WhiteHorse

GET
H2 200 openpayu-2.1.js Show response
secure.payu.com/res/v2/ 20 KB
5 KB 227ms
58ms Script
text/javascript 23.37.41.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.com/res/v2/openpayu-2.1.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.41.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-41-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc72d70321a2084d113d3c44bf5857a2fc7d8d91ca77a1f7141f4245370db1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 18:54:45 GMT
content-length: 4935
pragma: no-cache
last-modified: Tue, 19 Sep 2023 09:10:41 GMT
server: Apache
etag: "1347-605b2a2114212"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=261
accept-ranges: bytes
expires: Mon, 23 Oct 2023 18:59:06 GMT

GET
H2 200 plugin-token-2.1.js Show response
secure.payu.com/res/v2/ 7 KB
2 KB 239ms
70ms Script
text/javascript 23.37.41.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.com/res/v2/plugin-token-2.1.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.41.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-41-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

adfff9e53bd59e5181e430f854a0965db57cad2bed59572573ec234febfed0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 18:54:45 GMT
content-length: 1415
pragma: no-cache
last-modified: Tue, 19 Sep 2023 09:10:41 GMT
server: Apache
etag: "587-605b2a21145fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=305
accept-ranges: bytes
expires: Mon, 23 Oct 2023 18:59:50 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 205ms
96ms Script
application/javascript 74.125.133.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f92.1e100.net

Software

ESF /

Resource Hash

b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-cJp_dymC_jdFUDXvv915Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-cJp_dymC_jdFUDXvv915Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 23 Oct 2023 18:54:45 GMT

GET
H/1.1 200
OK runtime.76532088a73613b9.js Show response
bilety.helios.pl/ 1 KB
992 B 30ms
29ms Script
application/javascript 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/runtime.76532088a73613b9.js
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 8c39f793040e05a1fc4b324fce49da6525f9e2c7fe0cc2d47a00cdfebfe38d14

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK polyfills.11807c86796f8336.js Show response
bilety.helios.pl/ 33 KB
13 KB 60ms
30ms Script
application/javascript 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 81d17550334b6144011c86e2f279343bf8b3f736c3aaea645144c784a656aa75

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK scripts.33717e0bba7a5f24.js Show response
bilety.helios.pl/ 67 KB
24 KB 31ms
30ms Script
application/javascript 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/scripts.33717e0bba7a5f24.js
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 9397175f9329a1d5940a4d121719a1bed983b930df92be3252bd3e28c24e4da6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK vendor.bad6810f2d5664f6.js Show response
bilety.helios.pl/ 1 MB
479 KB 92ms
31ms Script
application/javascript 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/vendor.bad6810f2d5664f6.js
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 4594b88f26e4f176a861d6dc526e0a3f65521f46f6dc8367df6947ce16d345ff

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK main.f4cbb167f3428145.js Show response
bilety.helios.pl/ 817 KB
214 KB 127ms
57ms Script
application/javascript 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/main.f4cbb167f3428145.js
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 6a63885c3ecbe817973cd85f292f8f72d0934adacd8e8b1137fd5123db1f4b49

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK styles.478d9634c6d00e19.css
bilety.helios.pl/ 701 KB
119 KB 61ms
61ms Stylesheet
text/css 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: ce25993e8ec3ae1984398d7305529ff13d829efb9ab973c36db99246580b02ff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK config.json Show response
bilety.helios.pl/assets/ 5 KB
5 KB 29ms
29ms Fetch
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/config.json
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 23c3bfbf0f24b8bcd09d6973ed70a09dbb4a1bb88eb116244c4a9c2865cc1284

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Last-Modified: Tue, 26 Sep 2023 12:32:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "26e0a67c75f0d91:0"
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5171

GET
H2 200 tunnel.html Show response
secure.payu.com/res/v2/ Frame EA19 1 KB
855 B 56ms
56ms Document
text/html 23.37.41.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.com/res/v2/tunnel.html

Requested by

Host: secure.payu.com
URL: https://secure.payu.com/res/v2/openpayu-2.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.41.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-41-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5b0abe465dbd23695d9a6087a5547f563c3819ecbfc70796054671fb8a94865d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://bilety.helios.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 590
content-type: text/html
date: Mon, 23 Oct 2023 18:54:45 GMT
etag: "24e-605b2a21145fa"
expires: Mon, 23 Oct 2023 18:54:45 GMT
last-modified: Tue, 19 Sep 2023 09:10:41 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
78 KB 203ms
108ms Script
application/javascript 142.250.186.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.f4cbb167f3428145.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.141 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f13.1e100.net

Software

ESF /

Resource Hash

ae881e3f8de010ac2581d13fbfe531ee47d8418e52e80d797b9b602c6139ca7b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cFoJf9NoBWUxEQOhOGfuCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cFoJf9NoBWUxEQOhOGfuCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 23 Oct 2023 18:54:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 141ms
47ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.f4cbb167f3428145.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

409e25475380ac14689fdf9ebe4c4326254710857892dca0b24a52f329ab7ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 18:54:46 GMT
content-md5: x38vKfs9K0ub0+KK/d/DWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: UCcF+NTFJYp/3D2xd1uWiw0YLhhk/Yz/720xi+82Ou+tdhyJwszRCMP3uCbJLrTmW4AFJWF9gFxLd1Sr36pHAQ==
x-fb-content-md5: f97e1fde97ed714a0fdabedc46ace356
cross-origin-opener-policy: same-origin-allow-popups
etag: "c560e3649b1bee5f92f3856b347e6bc7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:00:58 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pl_PL/ 46 KB
19 KB 248ms
54ms Script
application/javascript 23.206.19.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pl_PL/appleid.auth.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.f4cbb167f3428145.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.206.19.66 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-19-66.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

939d7ade851aabd11bbc52faaeb5601ecd27a33c0ffb09b1d2a447e2a2bf165e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Tue, 17 Oct 2023 20:52:32 GMT
Server: Apple
ETag: W/"47035-1697575952075"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19032

GET
H/1.1 200
OK pl.json Show response
bilety.helios.pl/assets/i18n/ 17 KB
17 KB 29ms
29ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/i18n/pl.json?t=471690
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 14ab6c5ad7a2d82167bd219555a9bcfe8775d6456b5bf07fe490ab5f7fce774e

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17249

GET
H/1.1 200
OK cinema Show response
restapi.helios.pl/api/ 58 KB
58 KB 187ms
106ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/cinema
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 46f5c5070cd8211ad4c0d9e6de72bc95ac4a60c4d75cda87fb6964710a08a8a4

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 58977
Expires: -1

GET
H/1.1 200
OK language Show response
restapi.helios.pl/api/ 2 B
344 B 174ms
96ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/language
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 2
Expires: -1

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame A5DE 270 B
275 B 159ms
64ms Document
text/html 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/vendor.bad6810f2d5664f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bilety.helios.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 18:54:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
96 KB 149ms
54ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

570090a76e1c9a169f2f5bfc0f73e97e19ea11f2c753ec3140018a119da79f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97978
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 18:07:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Oct 2023 18:54:46 GMT

GET
H/1.1 200
OK DMSans-Regular.ttf
bilety.helios.pl/assets/fonts/DMSans/ 70 KB
71 KB 29ms
29ms Font
application/octet-stream 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Regular.ttf
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 9ae2da663d64342031e59b5fa680dd355171d021b7ebf83774efc7c0330ae7b5

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72000

GET
H/1.1 200
OK logo.helios.png
bilety.helios.pl/assets/images/ 5 KB
5 KB 29ms
29ms Image
image/png 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilety.helios.pl/assets/images/logo.helios.png
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: e10ddcd43b99862241cb4fbe647ada24c13d7939d7f9a35fdb5c0c0137135150

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: W/"80b017bdacefd91:0"
Transfer-Encoding: chunked
Content-Type: image/png
Connection: keep-alive

GET
H/1.1 200
OK loader.gif
bilety.helios.pl/assets/images/ 497 KB
497 KB 30ms
29ms Image
image/gif 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilety.helios.pl/assets/images/loader.gif
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 0b865aaf44b3af1c9f722c2198e5be075d52a0c56b62c626049fccef6f1dbca5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/styles.478d9634c6d00e19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:45 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 509054

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3E7B 19 KB
8 KB 245ms
244ms Document
text/html 74.125.133.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f92.1e100.net

Software

ESF /

Resource Hash

e049c2e62510e84286b39110fd69fcc24ef872ba435b8c0e5f3116a2850f97d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wTZB9xXC9OBQaMlH_cfO-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bilety.helios.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wTZB9xXC9OBQaMlH_cfO-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 23 Oct 2023 18:54:46 GMT
expires: Mon, 23 Oct 2023 18:54:46 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/pl_PL/ 301 KB
86 KB 96ms
47ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=bf50a9cec1f21283648b67affe4ce81d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

23dea359567f1428e9e5f5b7c5c68a08fbba9a5148de6d81facbaa1327c9e75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 18:54:46 GMT
content-md5: Ig2YNIkmKOLIGt57hl4jTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88411
reporting-endpoints
x-fb-debug: 0xgOjxli9zf6TESoq4/KokSAW1OjGXvln4HOX4bP+jOuQLirmPYivGdZrCqfSfFnzMrZtMF68qg9Gh09pX/+fQ==
x-fb-content-md5: 00cd6e2c66ce46138448f52123b3633a
cross-origin-opener-policy: same-origin-allow-popups
etag: "66fbc654114ba400af1401f7707ed8de"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Oct 2024 18:17:06 GMT

GET
H/1.1 200
OK d01e6010-d098-4899-951b-a7b7208df75a Show response
restapi.helios.pl/api/cinema/ 1 KB
1 KB 127ms
127ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 3607c4b57b109a4ed7d947ddd3b6831f6c3d801623015a52577e780dc5d12aa1

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
Accept-Language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 1100
Expires: -1

GET
H/1.1 200
OK screening Show response
restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/ 20 KB
20 KB 130ms
129ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/screening?dateTimeFrom=2023-10-23T00:00:00.000&dateTimeTo=2023-10-23T23:59:59.999
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 69104cda3fcf3a031bf2e272d0231d45f7fddd2580e958c1571cd7825a36c602

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
Accept-Language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 20507
Expires: -1

GET
H/1.1 200
OK movieprint Show response
restapi.helios.pl/api/ 4 KB
5 KB 185ms
114ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/movieprint?cinemaId=d01e6010-d098-4899-951b-a7b7208df75a&dateTimeFrom=2023-10-23T00:00:00.000&dateTimeTo=2023-10-23T23:59:59.999
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: eea773568e96ea893b46099c43e95dc7ade840316b4de1353c5d6c9633aa1ec0

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
Accept-Language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 4570
Expires: -1

GET
H/1.1 200
OK movie Show response
restapi.helios.pl/api/ 30 KB
31 KB 191ms
119ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/movie?dateTimeFrom=2023-10-23T00:00:00.000&dateTimeTo=2023-10-23T23:59:59.999&cinemaId=d01e6010-d098-4899-951b-a7b7208df75a
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 7a22f104774a97e1d2f1c8c0599eeadff9829c9a8b1e1b46d4e13ddecaf1825f

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
Accept-Language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 31160
Expires: -1

GET
H/1.1 200
OK event Show response
restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/ 9 KB
9 KB 210ms
123ms XHR
application/json 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/event?dateTimeFrom=2023-10-23T00:00:00.000&dateTimeTo=2023-10-23T23:59:59.999
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: d1c777c48adcd10ce26ff245d94218fc3ea963d0d55d2c48294e8fdcfef64fa0

Request headers

Accept: application/json, text/plain, */*
Referer: https://bilety.helios.pl/
Accept-Language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 18:54:45 GMT
Server: nginx/1.21.1.1 WhiteHorse
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://bilety.helios.pl
Access-Control-Expose-Headers: link
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 8772
Expires: -1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/ 20 KB
7 KB 125ms
56ms Script
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/otSDKStub.js

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e5d755de4c76b28238c8b895015535a9b3876d0b97e0e76fefae5154210b772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 40659
content-md5: ck/LsVKUiab4AAOYegagyg==
content-length: 6813
x-ms-lease-status: unlocked
last-modified: Fri, 06 May 2022 11:31:37 GMT
server: cloudflare
etag: 0x8DA2F53FB8068B5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8b571386-e01e-0135-11e1-5a30e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c33cae34e8-WAW
expires: Tue, 24 Oct 2023 18:54:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
86 KB 53ms
53ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSP2YSMWXY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4ad972fed2190b6e2af4b75710007979b1b9e936c592a073136f708e09860387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:54:46 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 59ms
59ms Stylesheet
text/css 142.250.186.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.141 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f13.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BMCRLsjmRO6ImzV-dqP_rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BMCRLsjmRO6ImzV-dqP_rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 23 Oct 2023 18:54:46 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 3E7B 156 KB
56 KB 141ms
44ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriHwYRufTL2gwb16jJSldy-wonUTg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1be83a0e9ac5d6c0411b20fe8f84bd211abffdcec5d005ac202741d99a2bb45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56339
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:30:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 18:40:49 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3E7B 2 KB
2 KB 150ms
150ms Other
text/html 74.125.133.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.133.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 128ms
50ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RSP2YSMWXY&gtm=45je3ai0&_p=1594537516&_gaz=1&cid=1370845775.1698087286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698087286&sct=1&seg=0&dl=https%3A%2F%2Fbilety.helios.pl%2F&dt=Helios&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RSP2YSMWXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:54:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bilety.helios.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 152ms
51ms Ping
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RSP2YSMWXY&cid=1370845775.1698087286&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RSP2YSMWXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:54:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bilety.helios.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 177ms
82ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RSP2YSMWXY&cid=1370845775.1698087286&gtm=45je3ai0&aip=1&z=2011394802

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:54:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7abf05b2-6f77-4c27-bde0-da584a08c265.json Show response
cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/ 3 KB
2 KB 124ms
63ms XHR
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/7abf05b2-6f77-4c27-bde0-da584a08c265.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36304109e4eef5a37cf32b1b6fadeb3d74f74aa8958a5490e40b501191513ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 37881
content-md5: 7tuAOW6eoJBv+v8d5k3dLg==
content-length: 1334
x-ms-lease-status: unlocked
last-modified: Fri, 06 May 2022 11:31:35 GMT
server: cloudflare
etag: 0x8DA2F53FA89AA25
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f076bb50-e01e-005c-2be3-5a291f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c4180c3516-WAW
expires: Tue, 24 Oct 2023 18:54:46 GMT

GET
H/1.1 200
OK opsieplakat.jpg
movies.helios.pl/images/ 58 KB
58 KB 156ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/opsieplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 6087d70640baf123c61a2d49f302d1e2d05a270529b3b8e59a6f52f2c19a1827

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Wed, 19 Jul 2023 09:47:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "39515b1326bad91:0"
Content-Length: 59330
Content-Type: image/jpeg

GET
H/1.1 200
OK chlopiplakat.jpg
movies.helios.pl/images/ 54 KB
54 KB 158ms
31ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/chlopiplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 0b9a0cc198b99c98706437b1343406a868b37fa102c27374f51ffba97bfc50d2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 01 Sep 2023 12:23:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "45cc4511cfdcd91:0"
Content-Length: 55431
Content-Type: image/jpeg

GET
H/1.1 200
OK mruijaplakat.jpg
movies.helios.pl/images/ 51 KB
51 KB 156ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/mruijaplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: abba0e3ce35ad39802e37da241f6f0478ff5bd38019d97c075f8f5e286e1ca70

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 11 Aug 2023 10:40:22 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "82e7de3a40ccd91:0"
Content-Length: 52277
Content-Type: image/jpeg

GET
H/1.1 200
OK raportpileckiegoplakat.jpg
movies.helios.pl/images/ 34 KB
34 KB 157ms
31ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/raportpileckiegoplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 414e379a339b62306f922dfb8f43445ed85f6a9afbcd58aeaf56dc8525a6137d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 11 Aug 2023 10:16:19 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "929331df3cccd91:0"
Content-Length: 34762
Content-Type: image/jpeg

GET
H/1.1 200
OK sposobnaduchaplakat.jpg
movies.helios.pl/images/ 48 KB
49 KB 156ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/sposobnaduchaplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: c1888fa7074172546262e68512e2d532d6569c3f09d9208bed87c0b5d474c187

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 29 Sep 2023 11:08:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "d851473bc5f2d91:0"
Content-Length: 49573
Content-Type: image/jpeg

GET
H/1.1 200
OK czaskrwawegoplakat.jpg
movies.helios.pl/images/ 51 KB
51 KB 157ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/czaskrwawegoplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: a0be1feed3526d77dda217ef5fb74072442d770be0b5d9986bb88612fea794d7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Wed, 04 Oct 2023 13:42:34 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7bbc42a1c8f6d91:0"
Content-Length: 51850
Content-Type: image/jpeg

GET
H/1.1 404
Not Found poster_default.jpg
bilety.helios.pl/assets/clients/helios/images/ 5 KB
5 KB 31ms
30ms Image
text/html 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilety.helios.pl/assets/clients/helios/images/poster_default.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 9bc59804d3077706a86299f49d7b51a51539cc778475072e2c532e882c043c02

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Cache-Control: private
Content-Encoding: gzip
Server: nginx/1.21.1.1 WhiteHorse
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK psipatrol2plakat.jpg
movies.helios.pl/images/ 66 KB
66 KB 30ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/psipatrol2plakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 2a3134872856fd347a823bcdfe096909da479b8acb27f41eb2f1ff18620c65b7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Thu, 31 Aug 2023 09:49:52 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "719f47df0dbd91:0"
Content-Length: 67350
Content-Type: image/jpeg

GET
H/1.1 200
OK rozyczka2plakat.jpg
movies.helios.pl/images/ 33 KB
33 KB 29ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/rozyczka2plakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 8e5b38c4e8a7444a45e2e1a34f1f5df7c9fc2aaac9f2749772f001f5d5ea4919

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 15 Sep 2023 11:21:38 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1a8d62cbc6e7d91:0"
Content-Length: 34065
Content-Type: image/jpeg

GET
H/1.1 200
OK tesciowie-2-plakat.jpg
movies.helios.pl/images/ 119 KB
119 KB 30ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/tesciowie-2-plakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: f4e22f576656984207544d306149bbcd14f5f7b73a20e41c709db5c6e06a2da1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Mon, 04 Sep 2023 16:43:22 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5831c7ea4edfd91:0"
Content-Length: 121630
Content-Type: image/jpeg

GET
H/1.1 200
OK sobowtorplakat.jpg
movies.helios.pl/images/ 46 KB
46 KB 30ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/sobowtorplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 42108ca385eeb6bf3143472c3043522a07f4394c457170f199c54150884c6229

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Fri, 11 Aug 2023 10:53:06 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "75ae36242ccd91:0"
Content-Length: 47046
Content-Type: image/jpeg

GET
H/1.1 200
OK zielonagranicaplakat.jpg
movies.helios.pl/images/ 38 KB
38 KB 30ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/zielonagranicaplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f47d1b04f22f3888a63c74fe0a91dd18f385cfaec9fc1d17ff91f738d3183ec

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Thu, 31 Aug 2023 09:58:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "d63b5bb6f1dbd91:0"
Content-Length: 38982
Content-Type: image/jpeg

GET
H/1.1 200
OK figurantplakat.jpg
movies.helios.pl/images/ 42 KB
42 KB 30ms
30ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/figurantplakat.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: ad6a4d084b3bc4fa2ecc243ca0aed82d884e03c5d272e81748de33c8e019be73

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Thu, 05 Oct 2023 13:09:22 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7df04d288df7d91:0"
Content-Length: 42785
Content-Type: image/jpeg

GET
H/1.1 200
OK BRITNEYSPEARSCrossroadsGlobalFanEvent.jpg
movies.helios.pl/images/ 57 KB
58 KB 30ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/BRITNEYSPEARSCrossroadsGlobalFanEvent.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: 0b1f83594de67550b831ab2b58484ff9163e8a1da388a5bb5c22a6b55f2e7db9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Tue, 26 Sep 2023 06:03:36 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "e08d13303ff0d91:0"
Content-Length: 58864
Content-Type: image/jpeg

GET
H/1.1 200
OK Strzepy.jpg
movies.helios.pl/images/ 36 KB
36 KB 30ms
29ms Image
image/jpeg 80.252.5.30
AGORA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://movies.helios.pl/images/Strzepy.jpg
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-30.gazeta.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: bda108a572af39b0caf17c6a6eeb28e0e34ab9dfe8e6962bc44901dbd4c63b24

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:55:31 GMT
Last-Modified: Wed, 13 Sep 2023 13:44:35 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "838e86e48e6d91:0"
Content-Length: 36578
Content-Type: image/jpeg

GET
H/1.1 200
OK fa-solid-900.620019ed9d1100b6.woff2
bilety.helios.pl/ 76 KB
77 KB 30ms
29ms Font
application/font-woff2 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/fa-solid-900.620019ed9d1100b6.woff2
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/font-woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

GET
H/1.1 200
OK RobotoCondensed-Regular.ttf
bilety.helios.pl/assets/fonts/RobotoCondensed/ 163 KB
163 KB 49ms
48ms Font
application/octet-stream 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/fonts/RobotoCondensed/RobotoCondensed-Regular.ttf
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 04d2424978ab93cd524970aff21200ec88358176992af718ecd9fe96be5ae4b8

Request headers

Referer: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 166836

GET
H/1.1 200
OK RobotoCondensed-Bold.ttf
bilety.helios.pl/assets/fonts/RobotoCondensed/ 162 KB
163 KB 59ms
59ms Font
application/octet-stream 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/fonts/RobotoCondensed/RobotoCondensed-Bold.ttf
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477

Request headers

Referer: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 166340

OPTIONS
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame 0
0 120ms
47ms Preflight
application/json 104.18.32.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: domainid,location,url
Access-Control-Request-Method: GET
Origin: https://bilety.helios.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-ray: 81ac30c548d4bfa6-WAW
content-length: 0
content-type: application/json
date: Mon, 23 Oct 2023 18:54:46 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 domaingroupcheck Show response
cookies-data.onetrust.io/bannersdk/v1/ 17 B
85 B 62ms
61ms XHR
application/json 104.18.32.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by: Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1aabe1212b2f9cb8f6a547454bd4e5f4773485e3e001b327e501ba3e0e77cc7

Request headers

location: cdn.cookielaw.org
Referer: https://bilety.helios.pl/
url: bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
domainId: 7abf05b2-6f77-4c27-bde0-da584a08c265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81ac30c59945bfa6-WAW
access-control-allow-headers: Content-Type
content-length: 17

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
316 B 132ms
61ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://bilety.helios.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81ac30c54e3a34b5-WAW
access-control-allow-headers: Content-Type

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 3E7B 72 KB
27 KB 45ms
44ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj3yg9jfSwPt_wBOQlap6LR-GOEDw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriHwYRufTL2gwb16jJSldy-wonUTg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

244accee46e846a287c7a92b93b917a12a5cdd7fb1c8082d0a83430c00f9e4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27213
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 19:52:56 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3E7B 1 MB
371 KB 119ms
119ms XHR
text/html 74.125.133.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f92.1e100.net

Software

ESF /

Resource Hash

f9ce18632a22649069460c62a1fbf652db0838e3d550fa384b3d5db47e3bb708

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-q4j0oS2pcQJi-9D-xbBayw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-q4j0oS2pcQJi-9D-xbBayw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 23 Oct 2023 18:54:46 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 3E7B 9 KB
4 KB 46ms
45ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj3yg9jfSwPt_wBOQlap6LR-GOEDw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3915
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 19:52:58 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 3E7B 37 KB
14 KB 47ms
46ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.n0KXeLzhgCk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj3yg9jfSwPt_wBOQlap6LR-GOEDw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b3cdccba423df32576947fbe6bfbf0d48c525396ff69ef3f08abf9844d848382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14051
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 19:52:58 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3E7B 131 B
155 B 189ms
100ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:54:46 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 181ms
76ms Preflight
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 23 Oct 2023 18:54:46 GMT
expires: Mon, 23 Oct 2023 18:54:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3E7B 131 B
155 B 188ms
99ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:54:46 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 180ms
77ms Preflight
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 23 Oct 2023 18:54:46 GMT
expires: Mon, 23 Oct 2023 18:54:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3E7B 131 B
155 B 189ms
100ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:54:46 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 180ms
77ms Preflight
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 23 Oct 2023 18:54:46 GMT
expires: Mon, 23 Oct 2023 18:54:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 43ms
42ms Script
application/javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 40671
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 314095dd-101e-012b-2de1-5aea0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c5b90b34e8-WAW

GET
H2 200 pl.json Show response
cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/04ddb829-7202-4ebc-a859-11c9916468f3/ 93 KB
22 KB 66ms
65ms Fetch
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/04ddb829-7202-4ebc-a859-11c9916468f3/pl.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

417ba71e0d426a2f2adc65c5173336a511da9768304b6b4ab4a9ea05ff4ee45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36429
content-md5: RgkytXV59glptf5J37AzeA==
content-length: 22624
x-ms-lease-status: unlocked
last-modified: Fri, 06 May 2022 11:31:41 GMT
server: cloudflare
etag: 0x8DA2F53FE2AB12C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2d423d56-301e-0137-08e3-5a321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c63c5f3516-WAW
expires: Tue, 24 Oct 2023 18:54:46 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 389 KB
56 KB 80ms
79ms Fetch
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d55967ff37acd575fed47dffce4129e6ef714e414dcd0353a3b03816fdc2e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X56uGQ+dvKTTJcMKqpNTJA==
age: 38406
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 56828
x-ms-lease-status: unlocked
last-modified: Mon, 23 Oct 2023 07:18:12 GMT
server: cloudflare
etag: 0x8DBD39837E8B15C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cd99585e-101e-000c-4e88-05ae8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c63c603516-WAW

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 56 KB
16 KB 54ms
53ms Fetch
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a6a34c7aecb6ffec0a5abeac30e74bbac96825870de87139ceb8425b4d9b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5zsj3C8kCkpgFbn9xoQgCw==
age: 36714
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 16214
x-ms-lease-status: unlocked
last-modified: Mon, 23 Oct 2023 08:24:18 GMT
server: cloudflare
etag: 0x8DBD3A173CA8C93
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 13de3c7e-101e-001c-768a-056be3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c63c643516-WAW

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 68 KB
15 KB 51ms
51ms Script
application/javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IPJurqOx+TrXS9c/3t+LWw==
age: 40667
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:34 GMT
server: cloudflare
etag: 0x8DA3822B4DAB47A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8b570eda-e01e-0135-2ce1-5a30e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c63a1234e8-WAW

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 9 KB
3 KB 47ms
47ms Fetch
application/json 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCenterRounded.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uf6D9U7P3Lg0qYVFfi+Iig==
age: 39222
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2585
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:26 GMT
server: cloudflare
etag: 0x8DA3822B05223CC
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1626b7c3-501e-00ab-72e3-5a0ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c74e803516-WAW

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 53 KB
12 KB 49ms
48ms Fetch
application/json 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcCenter.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NS4/Ql3sVfXAVIyb20II4w==
age: 39222
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12384
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:27 GMT
server: cloudflare
etag: 0x8DA3822B13BA01A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fcb613c8-401e-00d9-0ce3-5a7eca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c74e873516-WAW

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 5 KB
2 KB 44ms
43ms Fetch
application/json 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCookieSettingsButton.json

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: i+uvjjZQ5wEBgLSseorNJg==
age: 39372
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1780
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:27 GMT
server: cloudflare
etag: 0x8DA3822B0F18204
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 86b48425-301e-0011-30e3-5aeffd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81ac30c74e8c3516-WAW

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 21 KB
4 KB 43ms
41ms Fetch
text/css 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Requested by

Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 37264
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: fcd619e1-501e-0082-3be3-5a79b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81ac30c75e913516-WAW

GET
H/1.1 200
OK DMSans-Bold.ttf
bilety.helios.pl/assets/fonts/DMSans/ 70 KB
70 KB 30ms
29ms Font
application/octet-stream 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Bold.ttf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 3edb1342cebb1b19c3e3fee912497961006e29bf58486ba0404c33c54c463435

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71852

GET
H/1.1 200
OK DMSans-Medium.ttf
bilety.helios.pl/assets/fonts/DMSans/ 70 KB
70 KB 32ms
31ms Font
application/octet-stream 80.252.5.36
AGORA

General

Check archive.org

Show headers Download Go to

Full URL: https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Medium.ttf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS: host-80-252-5-36.gazeta.pl
Software: nginx/1.21.1.1 WhiteHorse /
Resource Hash: 418ce314f345540ffabeb91fb58c9a3cd83cb2df850ff32313c833e4604740c0

Request headers

Referer: https://bilety.helios.pl/
Origin: https://bilety.helios.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 18:54:46 GMT
Last-Modified: Mon, 25 Sep 2023 12:35:17 GMT
Server: nginx/1.21.1.1 WhiteHorse
ETag: "80b017bdacefd91:0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71764

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 45ms
45ms Image
image/svg+xml 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bilety.helios.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 18:54:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 40684
x-ms-lease-status: unlocked
last-modified: Thu, 19 Oct 2023 20:11:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 40cc5888-c01e-0042-13d7-028003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81ac30c7dcff34e8-WAW

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RSP2YSMWXY&gtm=45je3ai0&_p=1594537516&cid=1370845775.1698087286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698087286&sct=1&seg=0&dl=https%3A%2F%2Fbilety.helios.pl%2F&dt=Helios&en=scroll&epn.percent_scrolled=90&_et=11

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 20:04:58	Name: NID Value: 511=FVdkODjRuMzhW-WLNOZE-pBdUpHs0CUpA-gB4jYy8TmDFAxddOF-TJ41RAIKyEVyHRF6LsUH0wjBn-KlzF1ArkNToLoYOawold96fNHzjdkeufDrAhCWLcCpBpufx5BmvKycVvcIXp_Xz6-hkN4AUYMwQMnSwEm_3qQmfTFYKys
.helios.pl/	1970-01-21 01:17:27	Name: _ga Value: GA1.1.1370845775.1698087286
.helios.pl/	1970-01-21 01:17:27	Name: _ga_RSP2YSMWXY Value: GS1.1.1698087286.1.0.1698087286.60.0.0
.helios.pl/	1970-01-21 00:27:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Oct+23+2023+20%3A54%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=6.34.0&isIABGlobal=false&hosts=&consentId=7a31e99c-a87c-4e0c-8a20-e83424a216b0&interactionCount=0&landingPath=https%3A%2F%2Fbilety.helios.pl%2F%23%2Fscreening&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0%2CSTACK42%3A0&genVendors=V12%3A0%2CV13%3A0%2CV6%3A0%2CV16%3A0%2CV17%3A0%2CV15%3A0%2CV7%3A0%2CV10%3A0%2CV21%3A0%2CV5%3A0%2CV9%3A0%2CV3%3A0%2CV20%3A0%2CV11%3A0%2CV4%3A0%2CV1%3A0%2CV18%3A0%2CV2%3A0%2CV8%3A0%2CV22%3A0%2CV14%3A0%2CV19%3A0%2C

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bilety.helios.pl/assets/clients/helios/images/poster_default.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
bilety.helios.pl
cdn.cookielaw.org
connect.facebook.net
cookies-data.onetrust.io
geolocation.onetrust.com
movies.helios.pl
pay.google.com
play.google.com
region1.analytics.google.com
restapi.helios.pl
secure.payu.com
stats.g.doubleclick.net
www.google.pl
www.googletagmanager.com
www.gstatic.com
region1.analytics.google.com
104.18.130.236
104.18.32.193
108.177.15.156
142.250.185.195
142.250.186.104
142.250.186.141
142.250.186.67
142.250.186.78
157.240.253.1
172.64.155.119
216.239.34.36
23.206.19.66
23.37.41.69
74.125.133.92
80.252.5.30
80.252.5.36
04d2424978ab93cd524970aff21200ec88358176992af718ecd9fe96be5ae4b8
0b1f83594de67550b831ab2b58484ff9163e8a1da388a5bb5c22a6b55f2e7db9
0b865aaf44b3af1c9f722c2198e5be075d52a0c56b62c626049fccef6f1dbca5
0b9a0cc198b99c98706437b1343406a868b37fa102c27374f51ffba97bfc50d2
14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477
14ab6c5ad7a2d82167bd219555a9bcfe8775d6456b5bf07fe490ab5f7fce774e
1be83a0e9ac5d6c0411b20fe8f84bd211abffdcec5d005ac202741d99a2bb45f
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390
1f47d1b04f22f3888a63c74fe0a91dd18f385cfaec9fc1d17ff91f738d3183ec
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
23c3bfbf0f24b8bcd09d6973ed70a09dbb4a1bb88eb116244c4a9c2865cc1284
23dea359567f1428e9e5f5b7c5c68a08fbba9a5148de6d81facbaa1327c9e75c
244accee46e846a287c7a92b93b917a12a5cdd7fb1c8082d0a83430c00f9e4aa
2a3134872856fd347a823bcdfe096909da479b8acb27f41eb2f1ff18620c65b7
3607c4b57b109a4ed7d947ddd3b6831f6c3d801623015a52577e780dc5d12aa1
36304109e4eef5a37cf32b1b6fadeb3d74f74aa8958a5490e40b501191513ddc
36a6a34c7aecb6ffec0a5abeac30e74bbac96825870de87139ceb8425b4d9b0e
3edb1342cebb1b19c3e3fee912497961006e29bf58486ba0404c33c54c463435
409e25475380ac14689fdf9ebe4c4326254710857892dca0b24a52f329ab7ea3
414e379a339b62306f922dfb8f43445ed85f6a9afbcd58aeaf56dc8525a6137d
417ba71e0d426a2f2adc65c5173336a511da9768304b6b4ab4a9ea05ff4ee45e
418ce314f345540ffabeb91fb58c9a3cd83cb2df850ff32313c833e4604740c0
42108ca385eeb6bf3143472c3043522a07f4394c457170f199c54150884c6229
4594b88f26e4f176a861d6dc526e0a3f65521f46f6dc8367df6947ce16d345ff
46f5c5070cd8211ad4c0d9e6de72bc95ac4a60c4d75cda87fb6964710a08a8a4
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ad972fed2190b6e2af4b75710007979b1b9e936c592a073136f708e09860387
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
570090a76e1c9a169f2f5bfc0f73e97e19ea11f2c753ec3140018a119da79f61
5b0abe465dbd23695d9a6087a5547f563c3819ecbfc70796054671fb8a94865d
5d55967ff37acd575fed47dffce4129e6ef714e414dcd0353a3b03816fdc2e15
6087d70640baf123c61a2d49f302d1e2d05a270529b3b8e59a6f52f2c19a1827
69104cda3fcf3a031bf2e272d0231d45f7fddd2580e958c1571cd7825a36c602
6a63885c3ecbe817973cd85f292f8f72d0934adacd8e8b1137fd5123db1f4b49
746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
7a22f104774a97e1d2f1c8c0599eeadff9829c9a8b1e1b46d4e13ddecaf1825f
809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016
81d17550334b6144011c86e2f279343bf8b3f736c3aaea645144c784a656aa75
8c39f793040e05a1fc4b324fce49da6525f9e2c7fe0cc2d47a00cdfebfe38d14
8d5a7c12af095e7b5c66b2bddd722d3f69178d2cd846bc8d50c004fe404c5c74
8e5b38c4e8a7444a45e2e1a34f1f5df7c9fc2aaac9f2749772f001f5d5ea4919
8e5d755de4c76b28238c8b895015535a9b3876d0b97e0e76fefae5154210b772
9397175f9329a1d5940a4d121719a1bed983b930df92be3252bd3e28c24e4da6
939d7ade851aabd11bbc52faaeb5601ecd27a33c0ffb09b1d2a447e2a2bf165e
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9ae2da663d64342031e59b5fa680dd355171d021b7ebf83774efc7c0330ae7b5
9bc59804d3077706a86299f49d7b51a51539cc778475072e2c532e882c043c02
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1
a0be1feed3526d77dda217ef5fb74072442d770be0b5d9986bb88612fea794d7
abba0e3ce35ad39802e37da241f6f0478ff5bd38019d97c075f8f5e286e1ca70
ad6a4d084b3bc4fa2ecc243ca0aed82d884e03c5d272e81748de33c8e019be73
adfff9e53bd59e5181e430f854a0965db57cad2bed59572573ec234febfed0ea
ae881e3f8de010ac2581d13fbfe531ee47d8418e52e80d797b9b602c6139ca7b
b3cdccba423df32576947fbe6bfbf0d48c525396ff69ef3f08abf9844d848382
b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca
bda108a572af39b0caf17c6a6eeb28e0e34ab9dfe8e6962bc44901dbd4c63b24
c1888fa7074172546262e68512e2d532d6569c3f09d9208bed87c0b5d474c187
cc72d70321a2084d113d3c44bf5857a2fc7d8d91ca77a1f7141f4245370db1e4
ce25993e8ec3ae1984398d7305529ff13d829efb9ab973c36db99246580b02ff
d1aabe1212b2f9cb8f6a547454bd4e5f4773485e3e001b327e501ba3e0e77cc7
d1c777c48adcd10ce26ff245d94218fc3ea963d0d55d2c48294e8fdcfef64fa0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e049c2e62510e84286b39110fd69fcc24ef872ba435b8c0e5f3116a2850f97d3
e10ddcd43b99862241cb4fbe647ada24c13d7939d7f9a35fdb5c0c0137135150
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae
eea773568e96ea893b46099c43e95dc7ade840316b4de1353c5d6c9633aa1ec0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e22f576656984207544d306149bbcd14f5f7b73a20e41c709db5c6e06a2da1
f9ce18632a22649069460c62a1fbf652db0838e3d550fa384b3d5db47e3bb708
fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd

bilety.helios.pl Open in urlscan Pro 80.252.5.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

99 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

17 IPs

4 Countries

3976 kBTransfer

8956 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bilety.helios.pl Open in urlscan Pro
80.252.5.36 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

99 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

3976 kB
Transfer

8956 kB
Size

4
Cookies

83 HTTP transactions
0 data transactions